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AMENDMENTS TO THE CLAIMS 

Upon entry of this amendment, the following listing of claims will replace all prior 
versions and listings of claims in the pending application. 
IN THE CLAIMS 

Please amend claims 1, 3, 4, 6-10, 11,12, 14, 17-20, 22, 24-28, 30, 33-35, 40, 45 and 46, 
cancel claims 36 and 41, and add new claims 47 and 48 as follows: 

1. (Currently Amended) A method of controlling usage, by a user, of network resources of 
a communications network beyond a network entry device of the communications network 

that serves as the user's entry point to the communications network, the method comprising acts 
of: 

(A) configuring a port module of the network entry device with one or more packet rules 
corresponding to an identity of the user , wherein the user io uoing a us e r devic e that is directly 
conn e ct e d to th e n e twork devic e; 

(B) receiving, at the port module, a packet from the a user device; and 

(C) before usin g, by the user, any of the network resources beyond the network entry 
device, applying the one or more packet rules to the received packet to control usage, by the 
user, of any of the network resources beyond the network entry device . 

2. (Original) The method of claim 1, further comprising: 

(D) prior to act (A), authenticating the identity of the user, wherein act (A) results from 
the authentication. 

3. (Currently Amended) The method of claim 1, wherein act (C) further comprises 
comprising on act of : 

(D) r e peating act (C) a pplying the one or more packet rules for all packets received at the 
port module until th e us e r logs off of the communications n e twork . 

4. (Currently Amended) The method of claim 1 , wherein the port module is dedicated to 
receiving one or more packets from t he d e vic e of the user device until th e user logo off of the 
communications n e twork . 
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5. (Original) The method of claim 1 , the method further comprising: 

(D) selecting the one or more packet rules based on the identity of the user. 

6. (Currently Amended) The method of claim 5, wherein the identity of the user is 
associated with a role assigned to the user, and the role is associated with the one or more packet 
rules, and wherein act (D) further comprises: 

-selecting the one or more packet rules based on the role assigned to the user. 

7. (Currently Amended) The method of claim 6, wherein act (A) further 
comprises: 

configuring the port module according to the role assigned to the user . 

8. (Currently Amended) The method of claim 1, wherein the method further comprises 
an act of: 

(D) routing the packet beyond the network entry device based on the one or more 
packet rules. 

9. (Currently Amended) The method of claim 1, wherein the method further comprises an 
act of: 

(D) preventing the packet from being transmitted onto a transmission m e dium of th e 
communications n e twork beyond the network entry device based on the one or more packet 
rules. 

10. (Currently Amended) The method of claim 1, wherein act (C) comprises: 
configuring the received packet based on the one or more packet rules. 

11. (Currently Amended) The method of claim 10, wherein configuring the received packet 
comprises an act of: 

changing information included in the received packet. 
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12. (Currently Amended ) The method of claim 10, wherein configuring the received packet 
comprises an act of: 

adding information to the received packet. 

13. (Original) The method of claim 1, wherein the method further comprises an act of: 
(D) controlling an amount of bandwidth on the communications network consumed by 

the user based on the one or more packet rules. 

14. (Currently Amended) The methodof claim - 1, wherein the method further"comprises an ~ 
act of: 

(D) controlling access to at least a second device d e vic e s residing on the communications 
network based on the one or more packet rules. 

15. (Original) The method of claim 1, wherein the method further comprises an act of: 
(D) controlling access to information stored on devices residing on the communications 

network based on the one or more packet rules. 

16. (Original) The method of claim 1, wherein the method further comprises an act of: 

(D) controlling access to at least a portion of an application stored on a device residing on 
the communications network based on the one or more packet rules. 

17. (Currently Amended) A network entry device serving as an entry point to a 
communications network for a user and operative to control usage of network resources by the 
user beyond the network entry device, the network entry device comprising: 

a port module including port configuration logic to configure the port module with one or 
more packet rules corresponding to an identity of the user, wh e r e in th e us e r is using a us e r d e vic e 
that is dir e ctly conn e ct e d to th e n e twork device, the port module further including a physical port 
to receive a packet from the at least one user device and rule application logic to apply the one 
or more packet rules to the received packet before usin g, by the user, any of the network 
resources beyond the network entry device. 
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authentication logic to authenticate the identity of the user, wherein the configuration 
logic is operative to configure the port module in response to the authenticatio n of the user . 

19. (Currently Amended) The system of claim 17, wherein the rule application logic is 
operative to apply the one or more packet rules to all packets received from the devic e of the least 
one u ser device at the port module until the us e r logs off of th e communications n e twork . 

20. (Currently Amended) The system of claim 17, wherein the port module is dedicated to 
receiving one or more packets~from t h e d e vic e of t he leastone user device until th e us e r logs off 
of th e communications network . 

21. (Original) The system of claim 17, wherein the port configuration logic is operative to 
select the one or more packet rules based on the identity of the user. 

22. (Currently Amended) The system of claim 21, wherein the identity of the user is 
associated with a role assigned to the user, and the role is associated with the one or more packet 
rules, and wherein the port configuration logic is operative to select the one or more packet rules 
based on the role assigned to the user . 

23. (Original) The system of claim 22, wherein the port configuration logic is operative to 
configure the port module according to the role. 

24. (Currently Amended) The system of claim 17, wherein the port module is operative to 
route the packet beyond the network entry device b ased on the one or more packet rules. 

25. (Currently Amended) The system of claim 17, wherein the port module is operative to 
prevent the packet from being transmitted beyond the network entry device onto a transmission 
m e dium of th e communications n e twork based on the one or more packet rules. 

26. (Currently Amended) The system of claim 17, wherein the rule application logic is 
operative to configure the received packet based on the one or more packet rules. 
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27. (Currently Amended) The system of claim 26, wherein the rule application logic is 
operative to configure the received packet by changing information included in the received 
packet. 

28. (Currently Amended) The system of claim 26, wherein the rule application logic is 
operative to configure the received packet by adding information to the received packet. 

29. (Original) The system of claim 17, wherein the port module is operative to control an 
amount of bandwidth on the communications network consumed by tfie~user based on the one or' 
more packet rules. 

30. (Currently Amended) The system of claim 17, wherein the port module is operative to 
control access to at least a second device d evices residing on the communications network based 
on the one or more packet rules. 

31. (Original) The system of claim 17, wherein the port module is operative to control access 
to information stored on devices residing on the communications network based on the one or 
more packet rules. 

32. (Original) The system of claim 17, wherein the port module is operative to control access 
to at least a portion of an application stored on a device residing on the communications network 
based on the one or more packet rules. 

33. (Currently Amended) A network entry device serving as an entry point to a 
communications network for a user, the network entry device operative to control usage of 
network resources beyond the network entry device by the user and comprising: 

a port module including a physical port to receive a packet from a device used by the user 
and rule application logic to apply one or more packet rules to the received packet before usingi 
by the user, any of the network resources beyond the network entry device; and 

means for configuring the port module with the one or more packet rules based on an 
identity of the user , wh e r e in th e us e r d e vic e is directly connect e d to th e n e twork d e vic e. 
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34. (Currently Amended) A computer program product, comprising: 
a computer-readable medium; and 

computer-readable signals information stored on the computer-readable medium that 
define instructions that, as a result of being executed by a computer, instruct the computer to 
perform a process of controlling usage of network resources, by a user, of a communications 
network beyond a network entry device of th e communications n e twork that serves as the user's 
entry point to the communications network, the process comprising acts of: 

(A) configuring a port module of the network entry device with one or more packet rules 
corresponding to an identity of the use r, wh e rein the user is using a user device that is directly 
conn e ct e d to the network device ; 

(B) receiving, at the port module, a packet from the user device; and 

(C) before usin g, by the user, any of the network resources beyond the network entry 
device, applying the one or more packet rules to the received packet to control the usage, by the 
user, of any of the network resources beyond the network entry device . 

35. (Currently Amended) A method of controlling network resource u sage of network 
r e sourc e s of a communications network b y a user at a network entry device of the 
communications network that serves as the user's entry point to the communications network, 
wherein the user has an assigned role with respect to the communications network, and the 
assigned role is associated with one or more packet rules, each packet rule including a condition 
and action to be taken if a packet received at a device the network entry d evice satisfies the 
condition, the method comprising acts of: 

(A) receiving a packet including identification information of the user from a device of 
the user at a port module of the a-network entry device; 

(B) determining the assigned role of the user based on the identification information; and 

(C) configuring the port module of the network entry device with the one or more packet 
rules associated with the assigned role of the user. 

36. (Canceled). 
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37. (Original) The method of claim 35, wherein user information about the user is stored on 
a computer-readable medium residing on the communications network, the user information 
including identification information and the assigned role of the user, and act (B) further 
comprises acts of: 

accessing the stored user information to determine if the identification information 
included therein matches the identification information included in the received packet; and 

if it is determined that the stored identification information matches the received 
identification information, determining-the assigned role-from the stored-user-information 

38. (Original) The method of claim 35, further comprising: 
(D) assigning the assigned role to the user. 

39. (Original) The method of claim 35, further comprising: 
(D) authenticating the identity of the user. 

40. (Currently Amended) A system for controlling network resource u sage of n e twork 
resources of a communications n e twork b y a user at a network entry device of the 
communications network that serves as the user's entry point to the communications 
network, wherein the user has an assigned role with respect to the communications network, 
and the assigned role is associated with one or more packet rules, each packet rule including 
a condition and action to be taken if a packet received at a d e vic e the network entry device 
satisfies the condition, the system comprising: 

a port module of the network entry device, the port module including a physical port to 
receive a packet including identification information of the user from a device of the user and 
port configuration logic to configure the port module with the one or more packet rules 
associated with the assigned role of the user; and 

an authentication module to determine the assigned role of the user based on the 
identification information. 

41. (Canceled). 

42. (Original) The system of claim 40, wherein user information about the user is stored on a 
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computer-readable medium residing on the communications network, the user information 
including identification information and the assigned role of the user, and 

wherein the authentication module is operative to control accessing the stored user 
information to determine if the identification information included therein matches the 
identification information included in the received packet, and to determine the assigned role 
from the stored user information if it is determined that the stored identification information 
matches the received identification information. 

437 X^gin^ 

assigning logic to assign the assigned role to the user. 

44. (Original) The system of claim 40, the authentication module is operative to authenticate 
the identity of the user. 

45. (Currently Amended) A system for controlling r e sourc e usage of network resources of a 
communications network by a user at a network entry device of the communications network that 
serves as the user's entry point to the communications network, wherein the user has an assigned 
role with respect to the communications network, and the assigned role is associated with one or 
more packet rules, each packet rule including a condition and action to be taken if a packet 
received at a d e vic e the network entry device satisfies the condition, the system comprising: 

a port module of the network entry device, the port module including a physical port to 
receive a packet including identification information of the user from a device of the user and 
port configuration logic to configure the port module with the one or more packet rules 
associated with the assigned role of the user; and 

means for determining the assigned role of the user based on the identification 
information. 

46. (Currently Amended) A computer program product, comprising: 
a computer-readable medium; and 

computer-readable signals information stored on the computer-readable medium that 
define instructions that, as a result of being executed by a computer, instruct the computer to 
perform a process of controlling network resource usage of n e twork r e sourc e s e&et 
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communications n e twork by a user ata network entry device of the communications network 
that serves as the user's entry point to the communications network, wherein the user has an 
assigned role with respect to the communications network, and the assigned role is associated 
with one or more packet rules, each packet rule including a condition and action to be taken if a 
packet received at a device the network entry device satisfies the condition, the process 
comprising acts of: 

(A) receiving a packet including identification information of the user from a device of 
the user at a port module of a network entry device; 

(B) determining the assigned role of the user based on the identification information; and 

(C) configuring the port module with the one or more packet rules associated with the 
assigned role of the user. 

47. (New) The method of claim 1, wherein act (B) further comprises, receiving, at the port 
module, a packet from the user device to identify the user to the network entry device. 

48. (New) The method of claim 47, wherein act (B) further comprises, receiving, at the port 
module, the packet in response to the network entry device requesting login information from the 
user device 
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